Symantec points usage of leaked CIA spy toolkit in 40 operations

When the spying toolkit from CIA was leaked early March on WikiLeaks, the world raised its brows over the possibility of leaking top secret stuff from one of the most advanced intelligence agencies of the world; with the US President Donald Trump embarrassingly admitting that the “CIA was hacked and a lot of things taken”. Now, computer security firm Symantec points towards the use of that leaked spying software in as many as 40 spying operations.

In one of Symantec’s blog post, it was stated that the tools released on WikiLeaks’ website have been found to be linked to activities related to electronic infiltration of international, financial, energy and aerospace organizations across the world. "I will say, in terms of the regions, the largest region represented in terms of those targets was the Middle East," O'Brien said in a telephone interview.

It is to be noted that the word “CIA” hasn’t been used anywhere in Symantec’s blog post. O’Brien stressed that the assessment was right but they couldn’t zero-in on a specific government agency as it would be “outside their area of expertise”. Symantec, like other security firms, performs any assessment based on data sourced from its clients. However, it is very obvious that Symantec is indicating to the tools leaked on WikiLeaks recently.

Symantec has been protecting its clients from a group called Longhorn that uses a range of back door Trojans in addition to zero-day vulnerabilities to compromise its targets. Longhorn has infiltrated many government organizations as well as affected the financial, telecom, energy, aerospace, information technology, education, and natural resources sectors.

Symantec claims that one computer in the US was found to be “compromised” by the hacking toolkit, after which it was uninstalled within hours, thus indicating an accidental infection.